Reference no: EM13919273
Network Security Assessment
You have been recently hired as a network security analyst for a small accounting firm. The firm is realizing that they need help to secure their network and customer's data. With your background and skills, they are looking to you to provide guidance. In addition to helping them secure their network, they require that you obtain your CompTIA Security+ certification within 60 days of being hired.
In addition to the owner, who serves as the overall business manager, there are about 20 people on staff:
- 10 accountants
- 3 administrative support specialists
- 1 vice president
- 1 financial manager
- 2 interns
There is also one IT support technician on staff, who has basic computer hardware and networking knowledge. He has requested that the firm create a website, hosted internally, so that new customers can get information about the firm. This will be important to remember as you complete your final project.
The firm has a simple network. There are currently 20 computers and two multipurpose printers. All computers and printers are connected wirelessly to a NETGEAR MR814 device. This router is connected to a Motorola SB3100 cable modem. Staff e mail accounts are set up through the company's Internet provider. Employees use a combination of Microsoft Outlook and standard web browsers to access their e-mail. The owner is known to use his personal iPad during work hours to check and respond to e mail messages.
Prior to your hiring, they hired a network cabling contractor to run Cat 6 cables from the central wiring closet to all offices and cubicles. They want to move away from using wireless as the primary network connection, but want to keep wireless access for customers coming to the building. The technician who did the wiring mentioned to your supervisor that he should look into setting up a Windows Server domain to manage user access, instead of the current peer-to-peer network. He also recommended that the firm invest in a managed switch and a firewall, and look into having some backups. The internal IT support technician agreed with these recommendations but needs your help to implement them.
You've been asked to assess the current vulnerabilities and provide a recommendation to the firm's owner on how to better secure the network infrastructure. Now that you are aware of the firm's history, your assessment and recommendation should provide specifics about the network security settings that must be implemented and the equipment that must be procured, installed, and configured. The firm's owner has a basic understanding of computing, so it is important that you explain the technical issues in layman's terms.
I. Vulnerability Assessments
Use this section to describe any network security vulnerabilities. Use the scenario along with industry standards and best practices to identify the vulnerabilities. Describe why it is vulnerable and what the implication is if it is not mitigated.
The example below is of the physical security of a warehouse. (In your submission, you will have several vulnerabilities identified and mitigated.)
At the Alpha Warehouse, we discovered one key vulnerability to the physical security. This was the use of a Master Lock combination lock to secure the back entrance. While the use of a combination lock can limit the number of people who can enter to those given the combination, vulnerability in the design of these locks was recently exposed. By using "a process that requires less than two minutes and a minimal amount of skill to carry out [[1]]," would-be thieves can access the warehouse through a single entrance. While the thief will need to also have access to an online calculator that helps stream the process, the prevalence of smart phones makes this a small hurdle to jump, allowing any interested parties quick access to the Alpha Warehouse.
|
Indirect cost
: A cost that is common to more than one cost objective is a(n): a. indirect cost b. product cost c. direct cost d. period cost
|
|
What are the total earnings for the portfolio
: What are the total earnings for the portfolio? What is the marginal rate of return on the portfolio? That is, how much more could be earned by investing one more dollar in the portfolio?
|
|
What is goldbergs rationale for the study
: What is Goldberg's rationale for the study? Was the study designed to contribute to theory? Do the results of the study contribute to theory? For both questions: If so, how? If not, why not?
|
|
Diagnostic and treatment space equipment and location
: Health care facilities are unique and have clearly defined characteristics based on the needs of the facility or population being served. Poor design may lead to staff, visitor, or patient stress. In large facilities, inability to find a departmen..
|
|
Network security assessment
: You have been recently hired as a network security analyst for a small accounting firm. The firm is realizing that they need help to secure their network and customer's data. With your background and skills, they are looking to you to provide guid..
|
|
Work-in-process inventory
: Goods purchased but which have not yet entered into the production process are known as: a. merchandise inventory b. raw materials inventory c. work-in-process inventory d. finished goods inventory
|
|
Digital forensic work in the case
: Create a numbered list or table to document the important step-by-step actions taken by the examiner sequentially for the digital forensic work in this case. Include date, time, devices, tools, data files, and any logs generated. You only need to ..
|
|
Depreciation on machinery
: Depreciation on machinery is $940 for the accounting period.Interest incurred on a loan but not paid or recorded is $635.
|
|
What is optimal allocation of investment funds among stocks
: What is the optimal allocation of investment funds among stocks, bonds, mutual funds, and cash? What is the annual rate of return and the total risk for the optimal portfolio?
|